Solved Check disk won't run, can't lock disk

Status
Not open for further replies.
That file wasn't even that big. Haha only a little over 2 MB. I wonder why the board wouldn't accept. Must be a strict limit.

The error that I'm seeing is RADAR_PRE_LEAK_WOW64 - which seems to be graphics driver related.

Might be time to update your graphics driver...

Seems like Flash Player operates on a good graphics card, per the system requirements. If the driver is out of date, it may cause errors.

Go to Start > type in devmgmt.msc and hit Enter.

Search for and expand Display Adapters. For each in the list, right-click and choose Update. Make sure to search for updates Automatically. This will check Windows Update servers for a graphics card driver update.
 
DxDiag
  1. Click Start and then click Run.
  2. Type dxdiag in the Open box, and then click OK.
  3. Click Save all information, and it will collect information and it will prompt you to save the file. Save the file to the Desktop.
  4. Find DxDiag.txt on your Desktop, and post the contents of it in your next reply.
 
Hope this doesn't seem backwards, but let's work with this tool. Then, attempt Flash issues again to see if resolved...

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.
  • Next click on the ShortcutsFix

  • The report has been created on the desktop.
Please post:

All RKreport.txt text files located on your desktop.
 
Here are the rkreports.
 

Attachments: RKreport[4].txt, RKreport[5].txt, RKreport[6].txt

Good. That showed something important. Now, to verify...

Please download aswMBR from here

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

  • Once the scan finishes click Save log to save the log to your Desktop

  • Copy and paste the contents of aswMBR.txt back here for review
 
We need to fix the Master Boot Record using aswMBR now.

  • Double click aswMBR.exe to run it like before
  • Once the scan finishes click FixMBR to remove the infection as illustrated below


  • Once the scan finishes click Save log to save the log to your Desktop

  • Copy and paste the contents of aswMBR.txt back here for review
 
Here is the aswMBR log. I am not sure if I was supposed to rescan after the fixMBR. I didn't rescan, I just clicked the save log after fixmbr was complete. I hope I am making sense.
 

Attachments: aswMBR.txt

Excellent work Nia!

ComboFix Script

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the codebox below into it:
    ClearJavaCache::
  • Save this as CFScript.txt, in the same location as ComboFix.exe

  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.
 
I hope this isn't a dumb question, but I have a feeling it may be, just because I am working off of no sleep ever since my mother was released from the hospital. Question is, am I running Combo Fix first and then moving the script after Combo Fix is done running?
 
Oh...sorry to hear that.

But, anyway, move the script into ComboFix and it will start ComboFix automatically. No need to double-click beforehand.
 
ComboFix 12-07-31.02 - Roniesha 08/01/2012 4:42.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3933.2545 [GMT -7:00]
Running from: c:\users\Roniesha\Downloads\ComboFix.exe
Command switches used :: c:\users\Roniesha\Downloads\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\_ctypes.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\_elementtree.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\_hashlib.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\_socket.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\_ssl.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\pyexpat.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\pysqlite2._sqlite.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\python26.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\pythoncom26.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\PyWinTypes26.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\select.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\unicodedata.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32api.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32com.shell.shell.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32crypt.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32event.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32file.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32inet.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32pdh.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\win32process.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\windows._cacheinvalidation.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._controls_.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._core_.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._gdi_.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._html2.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._misc_.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._windows_.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wx._wizard.pyd
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wxbase293u_net_vc.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wxbase293u_vc.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wxmsw293u_adv_vc.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wxmsw293u_core_vc.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wxmsw293u_html_vc.dll
c:\users\Roniesha\AppData\Local\Temp\_MEI33882\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-07-01 to 2012-08-01 )))))))))))))))))))))))))))))))
.
.
2012-08-01 11:49 . 2012-08-01 11:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-08-01 11:49 . 2012-08-01 11:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-01 11:49 . 2012-08-01 11:49 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-31 22:09 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E8E10A6E-C8D7-4221-ACCB-0D623F4AEBB7}\mpengine.dll
2012-07-31 00:04 . 2012-08-01 11:31 -------- d-s---w- c:\users\Roniesha\Google Drive
2012-07-30 21:29 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-25 18:51 . 2012-07-25 18:51 -------- d-----w- C:\MGADiagToolOutput
2012-07-25 18:50 . 2012-07-25 18:50 -------- d-----w- c:\programdata\Office Genuine Advantage
2012-07-25 04:58 . 2012-07-25 04:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-25 04:58 . 2012-07-25 04:58 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-24 08:50 . 2012-07-24 08:49 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{44DD89A1-DB50-4EFD-A6E5-0A2FF57663FA}\gapaengine.dll
2012-07-24 08:48 . 2012-07-24 08:48 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-07-24 08:48 . 2012-07-24 08:48 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-21 18:00 . 2012-07-16 09:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7038FCEF-B9E5-4DFA-B17F-2BD0ECA6B53D}\mpengine.dll
2012-07-18 15:24 . 2012-07-18 15:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-18 15:24 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-18 04:30 . 2012-07-18 04:30 -------- d-----w- c:\users\Roniesha\AppData\Local\Macromedia
2012-07-18 04:29 . 2012-07-18 04:29 -------- d-----w- c:\users\Roniesha\AppData\Local\Programs
2012-07-18 04:21 . 2012-07-18 04:21 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-07-18 04:21 . 2012-07-18 04:21 -------- d-----w- c:\program files (x86)\Java
2012-07-18 04:18 . 2012-07-18 04:17 268720 ----a-w- c:\windows\system32\javaws.exe
2012-07-18 04:17 . 2012-07-18 04:17 189360 ----a-w- c:\windows\system32\javaw.exe
2012-07-18 04:17 . 2012-07-18 04:17 188840 ----a-w- c:\windows\system32\java.exe
2012-07-18 04:17 . 2012-07-18 04:17 -------- d-----w- c:\program files\Java
2012-07-18 03:54 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-18 01:54 . 2012-07-18 01:54 55960 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-07-18 01:46 . 2012-07-24 08:54 -------- d-----w- c:\program files (x86)\Charter Security Suite
2012-07-18 01:44 . 2012-07-18 01:45 -------- d-----w- c:\programdata\fssg
2012-07-18 01:38 . 2012-07-24 08:46 -------- d-----w- c:\programdata\f-secure
2012-07-03 01:15 . 2012-07-03 01:15 -------- d-----w- c:\users\Public\New folder
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-01 11:50 . 2011-04-25 19:15 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-08-01 11:50 . 2011-04-21 19:49 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2012-08-01 11:50 . 2011-04-21 19:49 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2012-08-01 11:50 . 2011-04-21 19:49 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-07-29 20:13 . 2011-04-25 19:14 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
2012-07-29 20:13 . 2011-04-25 19:15 58288 ------w- c:\windows\SysWow64\rpcnet.exe
2012-07-18 04:21 . 2010-04-22 02:59 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-18 04:17 . 2012-02-23 09:58 955840 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-18 04:17 . 2012-02-23 09:58 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-18 03:52 . 2011-05-11 02:54 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-22 19:21 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 19:22 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 19:22 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 19:22 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 19:21 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-22 19:21 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 19:22 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 19:21 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-22 19:21 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-05-20 20:37 . 2012-05-20 20:37 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-04 11:06 . 2012-06-16 21:53 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-16 21:53 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-16 21:53 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-18_21.04.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-18 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-01 11:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-18 16:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-01 11:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-18 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-01 11:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-22 02:46 . 2012-08-01 11:32 60818 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-01 11:32 51124 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-04-25 19:15 . 2012-08-01 11:32 20258 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-240996578-1074617293-3798557580-1001_UserData.bin
+ 2012-03-21 03:44 . 2012-03-21 03:44 98688 c:\windows\system32\drivers\NisDrvWFP.sys
- 2011-04-25 22:01 . 2012-07-18 11:43 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-04-25 22:01 . 2012-07-24 23:25 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-02-23 09:55 . 2012-07-24 23:25 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-02-23 09:55 . 2012-07-18 11:43 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-24 23:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-18 11:43 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-10 03:44 . 2012-08-01 11:29 8720 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-07-18 16:11 . 2012-07-18 16:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-01 11:50 . 2012-08-01 11:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-18 16:11 . 2012-07-18 16:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-01 11:50 . 2012-08-01 11:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-25 04:58 . 2012-07-25 04:58 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_Plugin.exe
+ 2012-07-25 04:58 . 2012-07-25 04:58 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2011-04-28 00:57 . 2012-07-29 19:32 234508 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-04-25 20:26 . 2012-08-01 10:10 233406 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-08-01 10:12 629196 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-01 10:12 109038 c:\windows\system32\perfc009.dat
- 2011-04-25 19:32 . 2012-05-31 19:25 279656 c:\windows\system32\MpSigStub.exe
+ 2011-04-25 19:32 . 2012-01-31 12:44 279656 c:\windows\system32\MpSigStub.exe
+ 2012-07-25 04:58 . 2012-07-25 04:58 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_265_Plugin.exe
+ 2012-03-21 03:44 . 2012-03-21 03:44 203888 c:\windows\system32\drivers\MpFilter.sys
+ 2009-07-14 04:46 . 2012-07-25 18:50 149424 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 05:01 . 2012-07-18 16:11 308040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-01 11:49 308040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-24 08:48 . 2012-07-24 08:48 109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\SCEP.exe
+ 2012-07-24 08:48 . 2012-07-24 08:48 123352 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\MSE.exe
+ 2012-07-24 08:48 . 2012-07-24 08:48 109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\INTUNE.exe
+ 2012-07-24 08:48 . 2012-07-24 08:48 109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\FEP.exe
+ 2012-07-24 08:48 . 2012-07-24 08:48 109563 c:\windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\EPP.exe
+ 2012-07-25 04:58 . 2012-07-25 04:58 9465032 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
+ 2012-07-25 04:58 . 2012-07-25 04:58 1536712 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
+ 2011-04-26 07:16 . 2012-08-01 11:49 4488072 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-240996578-1074617293-3798557580-1001-8192.dat
- 2011-05-10 03:44 . 2012-07-18 06:52 2451184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-240996578-1074617293-3798557580-1001-12288.dat
+ 2011-05-10 03:44 . 2012-07-27 00:25 2451184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-240996578-1074617293-3798557580-1001-12288.dat
+ 2012-03-27 02:21 . 2012-03-27 02:21 7622656 c:\windows\Installer\91df2.msi
+ 2012-07-18 20:42 . 2012-07-18 20:42 7931392 c:\windows\Installer\4f6c252.msi
+ 2012-07-25 04:58 . 2012-07-25 04:58 12314312 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll
+ 2012-07-23 20:02 . 2012-07-23 20:02 12752896 c:\windows\Installer\5ef30c3.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
@="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"
[HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
2010-07-07 17:57 153064 ----a-w- c:\windows\SysWOW64\pfmshx_463.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-22 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-07-20 12218904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"NortonOnlineBackupReminder"="c:\program files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-08-10 529256]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-18 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-08 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-08 135664]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]
R3 Normandy;Normandy SR2; [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-09 239136]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-03-31 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-30 1255736]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-22 283200]
S1 pfmfs_463;pfmfs_463;c:\windows\system32\Drivers\pfmfs_463.sys [2010-07-07 249704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 290832]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2011-06-28 123320]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2009-08-24 126392]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-02-13 292864]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-23 75304]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-08 20:54]
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-08 20:54]
.
2012-07-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240996578-1074617293-3798557580-1001Core.job
- c:\users\Roniesha\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-26 07:06]
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240996578-1074617293-3798557580-1001UA.job
- c:\users\Roniesha\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-26 07:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
@="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"
[HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
2010-07-07 17:57 173544 ----a-w- c:\windows\System32\pfmshx_463.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-20 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-20 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-20 410648]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Roniesha\AppData\Roaming\Mozilla\Firefox\Profiles\cvtwdj5y.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\SysWOW64\rpcnet.exe
.
**************************************************************************
.
Completion time: 2012-08-01 04:55:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-01 11:55
ComboFix2.txt 2012-08-01 11:26
ComboFix3.txt 2012-07-18 21:11
.
Pre-Run: 160,793,059,328 bytes free
Post-Run: 160,710,344,704 bytes free
.
- - End Of File - - 44707DDBC2C82F22527C376965AF414D
 
Still the same problem. I still can't even get the check disk to run so that it can solve this problem.
 
Okie dokie...

For the chkdsk errors...what exactly is happening when you try to run chkdsk?

What method do you use when trying to do so?
 
I have tried running chkdsk from my computer, clicking on the C: drive and hitting properties and clicking on tools and hitting error checker. I then click on the two options, automatically fix file system errors and scan for and attempt recovery of bad sectors. I click on the option to do chkdsk the next time the computer starts. I restart the computer and it boots back up, but chkdsk never runs. I have tried having it run through the command prompt as well, still the same result. I have done this in safe mode and regular mode (sorry, my brain isn't functioning too well, so I hope that part makes sense).
 
Let's try this... Go to Start, type in CMD and right-click on Command Prompt and select Run as administrator.

Type in chkdsk /f /r and hit enter. Confirm the reboot check.

Reboot the computer, and see if it does chkdsk.
 